Mod proxy » History » Revision 27
« Previous |
Revision 27/43
(diff)
| Next »
gstrauss, 2017-05-21 20:32
The Proxy Interface¶
- Table of contents
- The Proxy Interface
Module: mod_proxy
Description¶
Options¶
lighttpd mod_proxy is a reverse proxy. lighttpd mod_proxy does not currently support SSL/TLS connections to the backend server.
mod_proxy config options:
- proxy.server: tell the module where to send Proxy requests to. Every file-extension can have its own handler. Load-balancing is done by specifying multiple hosts for the same extension.
- proxy.balance: might be one of 'fair' (default), 'hash', 'round-robin' or 'sticky'.
- 'fair' is the normal load-based, passive balancing.
- 'round-robin' chooses another host for each request.
- 'hash' is generating a hash over the request-uri and makes sure that the same request URI is sent to always the same host. That can increase the performance of the backend servers a lot due to higher cache-locality.
- 'sticky' (since 1.4.44) sends requests from the same (client) IP to the same backend.
- proxy.replace-http-host: enable/disable replacing Host header in request to backend with proxy.server label (default: disable) (since 1.4.44)
- proxy.forwarded = append "Forwarded" header (RFC7239) to proxied requests (since 1.4.46)
- proxy.debug: a value between 0 and 65535 to set the debug-level in the Proxy module. Currently only 0 and 1 are used. Use 1 to enable some debug output, 0 to disable it. Note: Use 'enable|disable' in v1.4.13.
Structure of proxy.server section:
( <extension> => ( [ <label> => ] ( "host" => <string> , "port" => <integer> ), ( "host" => <string> , "port" => <integer> ) ), <extension> => ... )
- <extension>: is the file-extension or prefix (if started with "/"); can be empty ("") to match all requests
- <label>: optional name that shows up in the generated statistics of mod_status, useful for indicating which backend handler processed this extension
- "host": is ip of the proxy server _DO not use hostnames here! only IP addresses
(since 1.4.36:) if host starts with a"/"
lighttpd will try to connect to the unix domain socket - "port": is tcp-port on the "host" used by the proxy server (default: 80)
e.g.:
proxy.server = ( ".jsp" => ( ( "host" => "10.0.0.242", "port" => 81 ) ) )
proxy.forwarded (since 1.4.46) is a list of parameters to include in "Forwarded". It is not enabled by default. To provide the same information as X-Forwarded-For and X-Forwarded-Proto, enable "for" and "proto". The "remote_user" is a lighttpd extension to the Forwarded header and, if enabled, adds the authenticated user set by mod_auth.
proxy.forwarded = ( "for" => 1, "proto" => 1, #"host" => 1, #"by" => 1, #"remote_user" => 1 )
Example¶
Using lighttpd + mod_proxy in front of 8 Squids which handle the caching of dynamic content for you. All requests for the host www.example.org should be forwarded to the proxy. All proxies listen on port 80 for requests.
$HTTP["host"] == "www.example.org" { proxy.balance = "hash" proxy.server = ( "" => ( ( "host" => "10.0.0.10" ), ( "host" => "10.0.0.11" ), ( "host" => "10.0.0.12" ), ( "host" => "10.0.0.13" ), ( "host" => "10.0.0.14" ), ( "host" => "10.0.0.15" ), ( "host" => "10.0.0.16" ), ( "host" => "10.0.0.17" ) ) ) }
If one of the hosts goes down the all requests for this one server are moved equally to the other servers. If you want to know more about the algorithm used here, "google" for 'Microsoft CARP'.
Troubleshooting¶
If you are getting:
2007-05-02 09:45:48: (mod_proxy.c.397) connect failed: 8 Network is unreachable 101
2007-05-02 09:45:48: (mod_proxy.c.871) proxy-server disabled: blabla.com 80 8
2007-05-02 09:45:48: (mod_proxy.c.1229) no proxy-handler found for: /
Check if you have used an IP address for the proxy address. Hostnames are not allowed there!
User-contributed Enhancements¶
Use of these patches is not recommended (gstrauss)
Remove HTTP headers X-Forwarded-For, X-Host, X-Forwarded-Proto, replace HTTP headers Host with proxy hostname ("name", then "host") from headers, and support hostnames by gethostbyname. You can get the patch from this page.
( "" => ( "nkbbs.org" => # name ( "host" => "202.113.16.117", "port" => 80 ) ) )
In the configuration of above, this will replace Host with "nkbbs.org"(name). But if the name is shorter than the shortest hostname("g.cn"?), mod_proxy will use Host as "host".
Updated by gstrauss over 7 years ago · 27 revisions